Vulnerabilities > Adobe > Acrobat Reader > 9.5.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-01-14 | CVE-2016-0933 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. | 10.0 |
| 2016-01-14 | CVE-2016-0932 | Unspecified vulnerability in Adobe products Use-after-free vulnerability in the Doc object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0934, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941. | 6.8 |
| 2016-01-14 | CVE-2016-0931 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FileAttachment annotation, a different vulnerability than CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. | 6.8 |
| 2014-11-30 | CVE-2014-9150 | Race Condition vulnerability in Adobe Acrobat and Acrobat Reader Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568. | 6.4 |
| 2011-12-07 | CVE-2011-2462 | Unspecified vulnerability in Adobe Acrobat and Acrobat Reader Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. | 10.0 |
| 2011-06-09 | CVE-2011-2107 | Cross-Site Scripting vulnerability in Adobe Acrobat, Acrobat Reader and Flash Player Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "universal cross-site scripting vulnerability." Per: http://www.adobe.com/support/security/bulletins/apsb11-13.html 'This issue also affects the authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.3) and earlier 10.x and 9.x versions of Adobe Reader and Acrobat for Windows and Macintosh operating systems.' Per: http://www.adobe.com/support/security/bulletins/apsb11-13.html 'We expect to make available an update for Adobe Acrobat X (10.0.3) and earlier 10.x and 9.x versions for Windows and Macintosh, Adobe Reader X (10.0.1) for Windows, Adobe Reader X (10.0.3) for Macintosh, and Adobe Reader 9.4.3 and earlier 9.x versions for Windows and Macintosh with the next quarterly security update for Adobe Reader, currently scheduled for June 14, 2011. | 4.3 |